|
|
|
|
@ -106,7 +106,7 @@ service Workstations { |
|
|
|
|
option (google.api.method_signature) = "name"; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
// Returns all WorkstationConfigs in the specified cluster. |
|
|
|
|
// Returns all workstation configurations in the specified cluster. |
|
|
|
|
rpc ListWorkstationConfigs(ListWorkstationConfigsRequest) |
|
|
|
|
returns (ListWorkstationConfigsResponse) { |
|
|
|
|
option (google.api.http) = { |
|
|
|
|
@ -175,7 +175,7 @@ service Workstations { |
|
|
|
|
option (google.api.method_signature) = "name"; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
// Returns all Workstations using the specified config. |
|
|
|
|
// Returns all Workstations using the specified workstation configuration. |
|
|
|
|
rpc ListWorkstations(ListWorkstationsRequest) |
|
|
|
|
returns (ListWorkstationsResponse) { |
|
|
|
|
option (google.api.http) = { |
|
|
|
|
@ -184,8 +184,8 @@ service Workstations { |
|
|
|
|
option (google.api.method_signature) = "parent"; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
// Returns all Workstations using the specified config on which the caller has |
|
|
|
|
// the "workstations.workstations.use" permission. |
|
|
|
|
// Returns all workstations using the specified workstation configuration |
|
|
|
|
// on which the caller has the "workstations.workstations.use" permission. |
|
|
|
|
rpc ListUsableWorkstations(ListUsableWorkstationsRequest) |
|
|
|
|
returns (ListUsableWorkstationsResponse) { |
|
|
|
|
option (google.api.http) = { |
|
|
|
|
@ -343,7 +343,7 @@ message WorkstationCluster { |
|
|
|
|
[(google.api.field_behavior) = OUTPUT_ONLY]; |
|
|
|
|
|
|
|
|
|
// Checksum computed by the server. May be sent on update and delete requests |
|
|
|
|
// to ensure that the client has an up-to-date value before proceeding. |
|
|
|
|
// to make sure that the client has an up-to-date value before proceeding. |
|
|
|
|
string etag = 9; |
|
|
|
|
|
|
|
|
|
// Immutable. Name of the Compute Engine network in which instances associated |
|
|
|
|
@ -355,6 +355,12 @@ message WorkstationCluster { |
|
|
|
|
// subnetwork specified for this cluster. |
|
|
|
|
string subnetwork = 11 [(google.api.field_behavior) = IMMUTABLE]; |
|
|
|
|
|
|
|
|
|
// Output only. The private IP address of the control plane for this cluster. |
|
|
|
|
// Workstation VMs need access to this IP address to work with the service, so |
|
|
|
|
// make sure that your firewall rules allow egress from the workstation VMs to |
|
|
|
|
// this address. |
|
|
|
|
string control_plane_ip = 16 [(google.api.field_behavior) = OUTPUT_ONLY]; |
|
|
|
|
|
|
|
|
|
// Configuration for private cluster. |
|
|
|
|
PrivateClusterConfig private_cluster_config = 12; |
|
|
|
|
|
|
|
|
|
@ -403,10 +409,10 @@ message WorkstationConfig { |
|
|
|
|
// The name of a Compute Engine machine type. |
|
|
|
|
string machine_type = 1; |
|
|
|
|
|
|
|
|
|
// Email address of the service account that will be used on VM instances |
|
|
|
|
// used to support this config. If not set, VMs will run with a |
|
|
|
|
// Email address of the service account used on VM instances |
|
|
|
|
// used to support this configuration. If not set, VMs run with a |
|
|
|
|
// Google-managed service account. This service account must have |
|
|
|
|
// permission to pull the specified container image, otherwise the image |
|
|
|
|
// permission to pull the specified container image; otherwise, the image |
|
|
|
|
// must be publicly accessible. |
|
|
|
|
string service_account = 2; |
|
|
|
|
|
|
|
|
|
@ -414,9 +420,13 @@ message WorkstationConfig { |
|
|
|
|
// Workstations. |
|
|
|
|
repeated string tags = 4; |
|
|
|
|
|
|
|
|
|
// Number of instances to pool for faster workstation starup. |
|
|
|
|
// Number of instances to pool for faster workstation startup. |
|
|
|
|
int32 pool_size = 5; |
|
|
|
|
|
|
|
|
|
// Output only. Number of instances currently available in the pool for |
|
|
|
|
// faster workstation startup. |
|
|
|
|
int32 pooled_instances = 12 [(google.api.field_behavior) = OUTPUT_ONLY]; |
|
|
|
|
|
|
|
|
|
// Whether instances have no public IP address. |
|
|
|
|
bool disable_public_ip_addresses = 6; |
|
|
|
|
|
|
|
|
|
@ -493,7 +503,7 @@ message WorkstationConfig { |
|
|
|
|
// A Docker container. |
|
|
|
|
message Container { |
|
|
|
|
// Docker image defining the container. This image must be accessible by the |
|
|
|
|
// config's service account. |
|
|
|
|
// service account specified in the workstation configuration. |
|
|
|
|
string image = 1; |
|
|
|
|
|
|
|
|
|
// If set, overrides the default ENTRYPOINT specified by the image. |
|
|
|
|
@ -502,7 +512,7 @@ message WorkstationConfig { |
|
|
|
|
// Arguments passed to the entrypoint. |
|
|
|
|
repeated string args = 3; |
|
|
|
|
|
|
|
|
|
// Environment variables passed to the container. |
|
|
|
|
// Environment variables passed to the container's entrypoint. |
|
|
|
|
map<string, string> env = 4; |
|
|
|
|
|
|
|
|
|
// If set, overrides the default DIR specified by the image. |
|
|
|
|
@ -515,18 +525,19 @@ message WorkstationConfig { |
|
|
|
|
// A customer-managed encryption key for the Compute Engine resources |
|
|
|
|
// of this workstation configuration. |
|
|
|
|
message CustomerEncryptionKey { |
|
|
|
|
// The name of the Google Cloud KMS encryption key. For example, |
|
|
|
|
// Immutable. The name of the Google Cloud KMS encryption key. For example, |
|
|
|
|
// `projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME`. |
|
|
|
|
string kms_key = 1; |
|
|
|
|
string kms_key = 1 [(google.api.field_behavior) = IMMUTABLE]; |
|
|
|
|
|
|
|
|
|
// The service account to use with the specified |
|
|
|
|
// Immutable. The service account to use with the specified |
|
|
|
|
// KMS key. We recommend that you use a separate service account |
|
|
|
|
// and follow KMS best practices. For more information, see |
|
|
|
|
// [Separation of |
|
|
|
|
// duties](https://cloud.google.com/kms/docs/separation-of-duties) and |
|
|
|
|
// `gcloud kms keys add-iam-policy-binding` |
|
|
|
|
// [`--member`](https://cloud.google.com/sdk/gcloud/reference/kms/keys/add-iam-policy-binding#--member). |
|
|
|
|
string kms_key_service_account = 2; |
|
|
|
|
string kms_key_service_account = 2 |
|
|
|
|
[(google.api.field_behavior) = IMMUTABLE]; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
// Full name of this resource. |
|
|
|
|
@ -562,7 +573,7 @@ message WorkstationConfig { |
|
|
|
|
[(google.api.field_behavior) = OUTPUT_ONLY]; |
|
|
|
|
|
|
|
|
|
// Checksum computed by the server. May be sent on update and delete requests |
|
|
|
|
// to ensure that the client has an up-to-date value before proceeding. |
|
|
|
|
// to make sure that the client has an up-to-date value before proceeding. |
|
|
|
|
string etag = 9; |
|
|
|
|
|
|
|
|
|
// How long to wait before automatically stopping an instance that hasn't |
|
|
|
|
@ -586,7 +597,7 @@ message WorkstationConfig { |
|
|
|
|
// when that workstation is started. |
|
|
|
|
Container container = 14; |
|
|
|
|
|
|
|
|
|
// Encrypts resources of this workstation configuration using a |
|
|
|
|
// Immutable. Encrypts resources of this workstation configuration using a |
|
|
|
|
// customer-managed encryption key. |
|
|
|
|
// |
|
|
|
|
// If specified, the boot disk of the Compute Engine instance and the |
|
|
|
|
@ -602,7 +613,10 @@ message WorkstationConfig { |
|
|
|
|
// |
|
|
|
|
// If the encryption key is revoked, the workstation session will |
|
|
|
|
// automatically be stopped within 7 hours. |
|
|
|
|
CustomerEncryptionKey encryption_key = 17; |
|
|
|
|
// |
|
|
|
|
// Immutable after the workstation configuration is created. |
|
|
|
|
CustomerEncryptionKey encryption_key = 17 |
|
|
|
|
[(google.api.field_behavior) = IMMUTABLE]; |
|
|
|
|
|
|
|
|
|
// Output only. Whether this resource is degraded, in which case it may |
|
|
|
|
// require user action to restore full functionality. See also the |
|
|
|
|
@ -675,7 +689,7 @@ message Workstation { |
|
|
|
|
[(google.api.field_behavior) = OUTPUT_ONLY]; |
|
|
|
|
|
|
|
|
|
// Checksum computed by the server. May be sent on update and delete requests |
|
|
|
|
// to ensure that the client has an up-to-date value before proceeding. |
|
|
|
|
// to make sure that the client has an up-to-date value before proceeding. |
|
|
|
|
string etag = 9; |
|
|
|
|
|
|
|
|
|
// Output only. Current state of the workstation. |
|
|
|
|
@ -786,7 +800,7 @@ message DeleteWorkstationClusterRequest { |
|
|
|
|
bool validate_only = 2; |
|
|
|
|
|
|
|
|
|
// If set, the request will be rejected if the latest version of the |
|
|
|
|
// workstation cluster on the server does not have this etag. |
|
|
|
|
// workstation cluster on the server does not have this ETag. |
|
|
|
|
string etag = 3; |
|
|
|
|
|
|
|
|
|
// If set, any workstation configurations and workstations in the |
|
|
|
|
@ -876,7 +890,7 @@ message CreateWorkstationConfigRequest { |
|
|
|
|
} |
|
|
|
|
]; |
|
|
|
|
|
|
|
|
|
// Required. ID to use for the config. |
|
|
|
|
// Required. ID to use for the workstation configuration. |
|
|
|
|
string workstation_config_id = 2 [(google.api.field_behavior) = REQUIRED]; |
|
|
|
|
|
|
|
|
|
// Required. Config to create. |
|
|
|
|
@ -894,7 +908,8 @@ message UpdateWorkstationConfigRequest { |
|
|
|
|
WorkstationConfig workstation_config = 1 |
|
|
|
|
[(google.api.field_behavior) = REQUIRED]; |
|
|
|
|
|
|
|
|
|
// Required. Mask specifying which fields in the config should be updated. |
|
|
|
|
// Required. Mask specifying which fields in the workstation configuration |
|
|
|
|
// should be updated. |
|
|
|
|
google.protobuf.FieldMask update_mask = 2 |
|
|
|
|
[(google.api.field_behavior) = REQUIRED]; |
|
|
|
|
|
|
|
|
|
@ -902,14 +917,15 @@ message UpdateWorkstationConfigRequest { |
|
|
|
|
// apply it. |
|
|
|
|
bool validate_only = 3; |
|
|
|
|
|
|
|
|
|
// If set, and the config is not found, a new config will be created. |
|
|
|
|
// In this situation, update_mask is ignored. |
|
|
|
|
// If set and the workstation configuration is not found, a new |
|
|
|
|
// workstation configuration will be created. In this situation, |
|
|
|
|
// update_mask is ignored. |
|
|
|
|
bool allow_missing = 4; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
// Message for deleting a workstation configuration. |
|
|
|
|
message DeleteWorkstationConfigRequest { |
|
|
|
|
// Required. Name of the config to delete. |
|
|
|
|
// Required. Name of the workstation configuration to delete. |
|
|
|
|
string name = 1 [ |
|
|
|
|
(google.api.field_behavior) = REQUIRED, |
|
|
|
|
(google.api.resource_reference) = { |
|
|
|
|
@ -921,12 +937,13 @@ message DeleteWorkstationConfigRequest { |
|
|
|
|
// apply it. |
|
|
|
|
bool validate_only = 2; |
|
|
|
|
|
|
|
|
|
// If set, the request will be rejected if the latest version of the config on |
|
|
|
|
// the server does not have this etag. |
|
|
|
|
// If set, the request is rejected if the latest version of the |
|
|
|
|
// workstation configuration on the server does not have this ETag. |
|
|
|
|
string etag = 3; |
|
|
|
|
|
|
|
|
|
// If set, any Workstations in the config will also be deleted. Otherwise, |
|
|
|
|
// the request will work only if the config has no workstations. |
|
|
|
|
// If set, any workstations in the workstation configuration are also deleted. |
|
|
|
|
// Otherwise, the request works only if the workstation configuration has |
|
|
|
|
// no workstations. |
|
|
|
|
bool force = 4; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
@ -1027,7 +1044,8 @@ message UpdateWorkstationRequest { |
|
|
|
|
// Required. Workstation to update. |
|
|
|
|
Workstation workstation = 1 [(google.api.field_behavior) = REQUIRED]; |
|
|
|
|
|
|
|
|
|
// Required. Mask specifying which fields in the config should be updated. |
|
|
|
|
// Required. Mask specifying which fields in the workstation configuration |
|
|
|
|
// should be updated. |
|
|
|
|
google.protobuf.FieldMask update_mask = 2 |
|
|
|
|
[(google.api.field_behavior) = REQUIRED]; |
|
|
|
|
|
|
|
|
|
@ -1035,8 +1053,9 @@ message UpdateWorkstationRequest { |
|
|
|
|
// apply it. |
|
|
|
|
bool validate_only = 3; |
|
|
|
|
|
|
|
|
|
// If set, and the config is not found, a new config will be created. |
|
|
|
|
// In this situation, update_mask is ignored. |
|
|
|
|
// If set and the workstation configuration is not found, a new |
|
|
|
|
// workstation configuration is created. In this situation, update_mask |
|
|
|
|
// is ignored. |
|
|
|
|
bool allow_missing = 4; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
@ -1055,7 +1074,7 @@ message DeleteWorkstationRequest { |
|
|
|
|
bool validate_only = 2; |
|
|
|
|
|
|
|
|
|
// If set, the request will be rejected if the latest version of the |
|
|
|
|
// workstation on the server does not have this etag. |
|
|
|
|
// workstation on the server does not have this ETag. |
|
|
|
|
string etag = 3; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
@ -1074,7 +1093,7 @@ message StartWorkstationRequest { |
|
|
|
|
bool validate_only = 2; |
|
|
|
|
|
|
|
|
|
// If set, the request will be rejected if the latest version of the |
|
|
|
|
// workstation on the server does not have this etag. |
|
|
|
|
// workstation on the server does not have this ETag. |
|
|
|
|
string etag = 3; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
@ -1093,7 +1112,7 @@ message StopWorkstationRequest { |
|
|
|
|
bool validate_only = 2; |
|
|
|
|
|
|
|
|
|
// If set, the request will be rejected if the latest version of the |
|
|
|
|
// workstation on the server does not have this etag. |
|
|
|
|
// workstation on the server does not have this ETag. |
|
|
|
|
string etag = 3; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
@ -1127,7 +1146,7 @@ message GenerateAccessTokenRequest { |
|
|
|
|
message GenerateAccessTokenResponse { |
|
|
|
|
// The generated bearer access token. To use this token, include it in an |
|
|
|
|
// Authorization header of an HTTP request sent to the associated |
|
|
|
|
// workstation's hostname, for example, `Authorization: Bearer |
|
|
|
|
// workstation's hostname—for example, `Authorization: Bearer |
|
|
|
|
// <access_token>`. |
|
|
|
|
string access_token = 1; |
|
|
|
|
|
|
|
|
|
|
Google APIs
2 years ago
committed by
Copybara-Service