diff --git a/google/cloud/beyondcorp/appconnectors/v1/BUILD.bazel b/google/cloud/beyondcorp/appconnectors/v1/BUILD.bazel new file mode 100644 index 000000000..97862a2eb --- /dev/null +++ b/google/cloud/beyondcorp/appconnectors/v1/BUILD.bazel @@ -0,0 +1,326 @@ +# This file was automatically generated by BuildFileGenerator +# https://github.com/googleapis/rules_gapic/tree/master/bazel + +# Most of the manual changes to this file will be overwritten. +# It's **only** allowed to change the following rule attribute values: +# - names of *_gapic_assembly_* rules +# - certain parameters of *_gapic_library rules, including but not limited to: +# * extra_protoc_parameters +# * extra_protoc_file_parameters +# The complete list of preserved parameters can be found in the source code. + +############################################################################## +# Common +############################################################################## +load("@rules_proto//proto:defs.bzl", "proto_library") +load( + "@com_google_googleapis_imports//:imports.bzl", + "cc_grpc_library", + "cc_proto_library", + "csharp_gapic_assembly_pkg", + "csharp_gapic_library", + "csharp_grpc_library", + "csharp_proto_library", + "go_gapic_assembly_pkg", + "go_gapic_library", + "go_proto_library", + "go_test", + "java_gapic_assembly_gradle_pkg", + "java_gapic_library", + "java_gapic_test", + "java_grpc_library", + "java_proto_library", + "nodejs_gapic_assembly_pkg", + "nodejs_gapic_library", + "php_gapic_assembly_pkg", + "php_gapic_library", + "php_grpc_library", + "php_proto_library", + "proto_library_with_info", + "py_gapic_assembly_pkg", + "py_gapic_library", + "ruby_cloud_gapic_library", + "ruby_gapic_assembly_pkg", + "ruby_grpc_library", + "ruby_proto_library", +) + +# This is an API workspace, having public visibility by default makes perfect sense. +package(default_visibility = ["//visibility:public"]) + +proto_library( + name = "appconnectors_proto", + srcs = [ + "app_connector_instance_config.proto", + "app_connectors_service.proto", + "resource_info.proto", + ], + deps = [ + "//google/api:annotations_proto", + "//google/api:client_proto", + "//google/api:field_behavior_proto", + "//google/api:resource_proto", + "//google/longrunning:operations_proto", + "@com_google_protobuf//:any_proto", + "@com_google_protobuf//:field_mask_proto", + "@com_google_protobuf//:timestamp_proto", + ], +) + +proto_library_with_info( + name = "appconnectors_proto_with_info", + deps = [ + ":appconnectors_proto", + "//google/cloud:common_resources_proto", + "//google/cloud/location:location_proto", + "//google/iam/v1:iam_policy_proto", + ], +) + +java_proto_library( + name = "appconnectors_java_proto", + deps = [":appconnectors_proto"], +) + +java_grpc_library( + name = "appconnectors_java_grpc", + srcs = [":appconnectors_proto"], + deps = [":appconnectors_java_proto"], +) + +java_gapic_library( + name = "appconnectors_java_gapic", + srcs = [":appconnectors_proto_with_info"], + gapic_yaml = None, + grpc_service_config = "beyondcorp-appconnectors_grpc_service_config.json", + service_yaml = "beyondcorp_v1.yaml", + test_deps = [ + ":appconnectors_java_grpc", + "//google/cloud/location:location_java_grpc", + "//google/iam/v1:iam_java_grpc", + ], + deps = [ + ":appconnectors_java_proto", + "//google/api:api_java_proto", + "//google/cloud/location:location_java_proto", + "//google/iam/v1:iam_java_proto", + ], +) + +java_gapic_test( + name = "appconnectors_java_gapic_test_suite", + test_classes = [ + "com.google.cloud.beyondcorp.appconnectors.v1.AppConnectorsServiceClientTest", + ], + runtime_deps = [":appconnectors_java_gapic_test"], +) + +# Open Source Packages +java_gapic_assembly_gradle_pkg( + name = "google-cloud-beyondcorp-appconnectors-v1-java", + include_samples = True, + deps = [ + ":appconnectors_java_gapic", + ":appconnectors_java_grpc", + ":appconnectors_java_proto", + ":appconnectors_proto", + ], +) + +go_proto_library( + name = "appconnectors_go_proto", + compilers = ["@io_bazel_rules_go//proto:go_grpc"], + importpath = "google.golang.org/genproto/googleapis/cloud/beyondcorp/appconnectors/v1", + protos = [":appconnectors_proto"], + deps = [ + "//google/api:annotations_go_proto", + "//google/longrunning:longrunning_go_proto", + ], +) + +go_gapic_library( + name = "appconnectors_go_gapic", + srcs = [":appconnectors_proto_with_info"], + grpc_service_config = "beyondcorp-appconnectors_grpc_service_config.json", + importpath = "cloud.google.com/go/beyondcorp/appconnectors/apiv1;appconnectors", + metadata = True, + service_yaml = "beyondcorp_v1.yaml", + deps = [ + ":appconnectors_go_proto", + "//google/cloud/location:location_go_proto", + "//google/iam/v1:iam_go_proto", + "//google/longrunning:longrunning_go_proto", + "@com_google_cloud_go//longrunning:go_default_library", + "@com_google_cloud_go//longrunning/autogen:go_default_library", + "@io_bazel_rules_go//proto/wkt:any_go_proto", + ], +) + +go_test( + name = "appconnectors_go_gapic_test", + srcs = [":appconnectors_go_gapic_srcjar_test"], + embed = [":appconnectors_go_gapic"], + importpath = "cloud.google.com/go/beyondcorp/appconnectors/apiv1", +) + +# Open Source Packages +go_gapic_assembly_pkg( + name = "gapi-cloud-beyondcorp-appconnectors-v1-go", + deps = [ + ":appconnectors_go_gapic", + ":appconnectors_go_gapic_srcjar-metadata.srcjar", + ":appconnectors_go_gapic_srcjar-test.srcjar", + ":appconnectors_go_proto", + ], +) + +py_gapic_library( + name = "appconnectors_py_gapic", + srcs = [":appconnectors_proto"], + grpc_service_config = "beyondcorp-appconnectors_grpc_service_config.json", + service_yaml = "beyondcorp_v1.yaml", +) + +# Open Source Packages +py_gapic_assembly_pkg( + name = "beyondcorp-appconnectors-v1-py", + deps = [ + ":appconnectors_py_gapic", + ], +) + +php_proto_library( + name = "appconnectors_php_proto", + deps = [":appconnectors_proto"], +) + +php_grpc_library( + name = "appconnectors_php_grpc", + srcs = [":appconnectors_proto"], + deps = [":appconnectors_php_proto"], +) + +php_gapic_library( + name = "appconnectors_php_gapic", + srcs = [":appconnectors_proto_with_info"], + grpc_service_config = "beyondcorp-appconnectors_grpc_service_config.json", + service_yaml = "beyondcorp_v1.yaml", + deps = [ + ":appconnectors_php_grpc", + ":appconnectors_php_proto", + ], +) + +# Open Source Packages +php_gapic_assembly_pkg( + name = "google-cloud-beyondcorp-appconnectors-v1-php", + deps = [ + ":appconnectors_php_gapic", + ":appconnectors_php_grpc", + ":appconnectors_php_proto", + ], +) + +nodejs_gapic_library( + name = "appconnectors_nodejs_gapic", + package_name = "@google-cloud/appconnectors", + src = ":appconnectors_proto_with_info", + extra_protoc_parameters = ["metadata"], + grpc_service_config = "beyondcorp-appconnectors_grpc_service_config.json", + package = "google.cloud.beyondcorp.appconnectors.v1", + service_yaml = "beyondcorp_v1.yaml", + deps = [], +) + +nodejs_gapic_assembly_pkg( + name = "beyondcorp-appconnectors-v1-nodejs", + deps = [ + ":appconnectors_nodejs_gapic", + ":appconnectors_proto", + ], +) + +ruby_proto_library( + name = "appconnectors_ruby_proto", + deps = [":appconnectors_proto"], +) + +ruby_grpc_library( + name = "appconnectors_ruby_grpc", + srcs = [":appconnectors_proto"], + deps = [":appconnectors_ruby_proto"], +) + +ruby_cloud_gapic_library( + name = "appconnectors_ruby_gapic", + srcs = [":appconnectors_proto_with_info"], + extra_protoc_parameters = [ + "ruby-cloud-gem-name=google-cloud-beyond_corp-app_connectors-v1", + "ruby-cloud-product-url=https://cloud.google.com/beyondcorp/", + "ruby-cloud-api-id=beyondcorp.googleapis.com", + "ruby-cloud-api-shortname=beyondcorp", + ], + grpc_service_config = "beyondcorp-appconnectors_grpc_service_config.json", + ruby_cloud_description = "Beyondcorp Enterprise provides identity and context aware access controls for enterprise resources and enables zero-trust access. Using the Beyondcorp Enterprise APIs, enterprises can set up multi-cloud and on-prem connectivity using the App Connector hybrid connectivity solution.", + ruby_cloud_title = "BeyondCorp AppConnectors V1", + service_yaml = "beyondcorp_v1.yaml", + deps = [ + ":appconnectors_ruby_grpc", + ":appconnectors_ruby_proto", + ], +) + +# Open Source Packages +ruby_gapic_assembly_pkg( + name = "google-cloud-beyondcorp-appconnectors-v1-ruby", + deps = [ + ":appconnectors_ruby_gapic", + ":appconnectors_ruby_grpc", + ":appconnectors_ruby_proto", + ], +) + +csharp_proto_library( + name = "appconnectors_csharp_proto", + deps = [":appconnectors_proto"], +) + +csharp_grpc_library( + name = "appconnectors_csharp_grpc", + srcs = [":appconnectors_proto"], + deps = [":appconnectors_csharp_proto"], +) + +csharp_gapic_library( + name = "appconnectors_csharp_gapic", + srcs = [":appconnectors_proto_with_info"], + common_resources_config = "@gax_dotnet//:Google.Api.Gax/ResourceNames/CommonResourcesConfig.json", + grpc_service_config = "beyondcorp-appconnectors_grpc_service_config.json", + service_yaml = "beyondcorp_v1.yaml", + deps = [ + ":appconnectors_csharp_grpc", + ":appconnectors_csharp_proto", + ], +) + +# Open Source Packages +csharp_gapic_assembly_pkg( + name = "google-cloud-beyondcorp-appconnectors-v1-csharp", + deps = [ + ":appconnectors_csharp_gapic", + ":appconnectors_csharp_grpc", + ":appconnectors_csharp_proto", + ], +) + +cc_proto_library( + name = "appconnectors_cc_proto", + deps = [":appconnectors_proto"], +) + +cc_grpc_library( + name = "appconnectors_cc_grpc", + srcs = [":appconnectors_proto"], + grpc_only = True, + deps = [":appconnectors_cc_proto"], +) diff --git a/google/cloud/beyondcorp/appconnectors/v1/app_connector_instance_config.proto b/google/cloud/beyondcorp/appconnectors/v1/app_connector_instance_config.proto new file mode 100644 index 000000000..7e183063f --- /dev/null +++ b/google/cloud/beyondcorp/appconnectors/v1/app_connector_instance_config.proto @@ -0,0 +1,72 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package google.cloud.beyondcorp.appconnectors.v1; + +import "google/api/field_behavior.proto"; +import "google/protobuf/any.proto"; + +option csharp_namespace = "Google.Cloud.BeyondCorp.AppConnectors.V1"; +option go_package = "google.golang.org/genproto/googleapis/cloud/beyondcorp/appconnectors/v1;appconnectors"; +option java_multiple_files = true; +option java_outer_classname = "AppConnectorInstanceConfigProto"; +option java_package = "com.google.cloud.beyondcorp.appconnectors.v1"; +option php_namespace = "Google\\Cloud\\BeyondCorp\\AppConnectors\\V1"; +option ruby_package = "Google::Cloud::BeyondCorp::AppConnectors::V1"; + +// AppConnectorInstanceConfig defines the instance config of a AppConnector. +message AppConnectorInstanceConfig { + // Required. A monotonically increasing number generated and maintained + // by the API provider. Every time a config changes in the backend, the + // sequenceNumber should be bumped up to reflect the change. + int64 sequence_number = 1 [(google.api.field_behavior) = REQUIRED]; + + // The SLM instance agent configuration. + google.protobuf.Any instance_config = 2; + + // NotificationConfig defines the notification mechanism that the remote + // instance should subscribe to in order to receive notification. + NotificationConfig notification_config = 3; + + // ImageConfig defines the GCR images to run for the remote agent's control + // plane. + ImageConfig image_config = 4; +} + +// NotificationConfig defines the mechanisms to notify instance agent. +message NotificationConfig { + // The configuration for Pub/Sub messaging for the AppConnector. + message CloudPubSubNotificationConfig { + // The Pub/Sub subscription the AppConnector uses to receive notifications. + string pubsub_subscription = 1; + } + + oneof config { + // Cloud Pub/Sub Configuration to receive notifications. + CloudPubSubNotificationConfig pubsub_notification = 1; + } +} + +// ImageConfig defines the control plane images to run. +message ImageConfig { + // The initial image the remote agent will attempt to run for the control + // plane. + string target_image = 1; + + // The stable image that the remote agent will fallback to if the target image + // fails. + string stable_image = 2; +} diff --git a/google/cloud/beyondcorp/appconnectors/v1/app_connectors_service.proto b/google/cloud/beyondcorp/appconnectors/v1/app_connectors_service.proto new file mode 100644 index 000000000..d7d6d74f4 --- /dev/null +++ b/google/cloud/beyondcorp/appconnectors/v1/app_connectors_service.proto @@ -0,0 +1,435 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package google.cloud.beyondcorp.appconnectors.v1; + +import "google/api/annotations.proto"; +import "google/api/client.proto"; +import "google/api/field_behavior.proto"; +import "google/api/resource.proto"; +import "google/cloud/beyondcorp/appconnectors/v1/app_connector_instance_config.proto"; +import "google/cloud/beyondcorp/appconnectors/v1/resource_info.proto"; +import "google/longrunning/operations.proto"; +import "google/protobuf/field_mask.proto"; +import "google/protobuf/timestamp.proto"; + +option csharp_namespace = "Google.Cloud.BeyondCorp.AppConnectors.V1"; +option go_package = "google.golang.org/genproto/googleapis/cloud/beyondcorp/appconnectors/v1;appconnectors"; +option java_multiple_files = true; +option java_outer_classname = "AppConnectorsServiceProto"; +option java_package = "com.google.cloud.beyondcorp.appconnectors.v1"; +option php_namespace = "Google\\Cloud\\BeyondCorp\\AppConnectors\\V1"; +option ruby_package = "Google::Cloud::BeyondCorp::AppConnectors::V1"; + +// ## API Overview +// +// The `beyondcorp.googleapis.com` service implements the Google Cloud +// BeyondCorp API. +// +// ## Data Model +// +// The AppConnectorsService exposes the following resource: +// +// * AppConnectors, named as follows: +// `projects/{project_id}/locations/{location_id}/appConnectors/{app_connector_id}`. +// +// The AppConnectorsService provides methods to manage +// (create/read/update/delete) BeyondCorp AppConnectors. +service AppConnectorsService { + option (google.api.default_host) = "beyondcorp.googleapis.com"; + option (google.api.oauth_scopes) = + "https://www.googleapis.com/auth/cloud-platform"; + + // Lists AppConnectors in a given project and location. + rpc ListAppConnectors(ListAppConnectorsRequest) + returns (ListAppConnectorsResponse) { + option (google.api.http) = { + get: "/v1/{parent=projects/*/locations/*}/appConnectors" + }; + option (google.api.method_signature) = "parent"; + } + + // Gets details of a single AppConnector. + rpc GetAppConnector(GetAppConnectorRequest) returns (AppConnector) { + option (google.api.http) = { + get: "/v1/{name=projects/*/locations/*/appConnectors/*}" + }; + option (google.api.method_signature) = "name"; + } + + // Creates a new AppConnector in a given project and location. + rpc CreateAppConnector(CreateAppConnectorRequest) + returns (google.longrunning.Operation) { + option (google.api.http) = { + post: "/v1/{parent=projects/*/locations/*}/appConnectors" + body: "app_connector" + }; + option (google.api.method_signature) = + "parent,app_connector,app_connector_id"; + option (google.longrunning.operation_info) = { + response_type: "AppConnector" + metadata_type: "AppConnectorOperationMetadata" + }; + } + + // Updates the parameters of a single AppConnector. + rpc UpdateAppConnector(UpdateAppConnectorRequest) + returns (google.longrunning.Operation) { + option (google.api.http) = { + patch: "/v1/{app_connector.name=projects/*/locations/*/appConnectors/*}" + body: "app_connector" + }; + option (google.api.method_signature) = "app_connector,update_mask"; + option (google.longrunning.operation_info) = { + response_type: "AppConnector" + metadata_type: "AppConnectorOperationMetadata" + }; + } + + // Deletes a single AppConnector. + rpc DeleteAppConnector(DeleteAppConnectorRequest) + returns (google.longrunning.Operation) { + option (google.api.http) = { + delete: "/v1/{name=projects/*/locations/*/appConnectors/*}" + }; + option (google.api.method_signature) = "name"; + option (google.longrunning.operation_info) = { + response_type: "google.protobuf.Empty" + metadata_type: "AppConnectorOperationMetadata" + }; + } + + // Report status for a given connector. + rpc ReportStatus(ReportStatusRequest) returns (google.longrunning.Operation) { + option (google.api.http) = { + post: "/v1/{app_connector=projects/*/locations/*/appConnectors/*}:reportStatus" + body: "*" + }; + option (google.api.method_signature) = "app_connector,resource_info"; + option (google.longrunning.operation_info) = { + response_type: "AppConnector" + metadata_type: "AppConnectorOperationMetadata" + }; + } +} + +// Request message for BeyondCorp.ListAppConnectors. +message ListAppConnectorsRequest { + // Required. The resource name of the AppConnector location using the form: + // `projects/{project_id}/locations/{location_id}` + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + child_type: "beyondcorp.googleapis.com/AppConnector" + } + ]; + + // Optional. The maximum number of items to return. + // If not specified, a default value of 50 will be used by the service. + // Regardless of the page_size value, the response may include a partial list + // and a caller should only rely on response's + // [next_page_token][BeyondCorp.ListAppConnectorsResponse.next_page_token] to + // determine if there are more instances left to be queried. + int32 page_size = 2 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. The next_page_token value returned from a previous + // ListAppConnectorsRequest, if any. + string page_token = 3 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. A filter specifying constraints of a list operation. + string filter = 4 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. Specifies the ordering of results. See + // [Sorting + // order](https://cloud.google.com/apis/design/design_patterns#sorting_order) + // for more information. + string order_by = 5 [(google.api.field_behavior) = OPTIONAL]; +} + +// Response message for BeyondCorp.ListAppConnectors. +message ListAppConnectorsResponse { + // A list of BeyondCorp AppConnectors in the project. + repeated AppConnector app_connectors = 1; + + // A token to retrieve the next page of results, or empty if there are no more + // results in the list. + string next_page_token = 2; + + // A list of locations that could not be reached. + repeated string unreachable = 3; +} + +// Request message for BeyondCorp.GetAppConnector. +message GetAppConnectorRequest { + // Required. BeyondCorp AppConnector name using the form: + // `projects/{project_id}/locations/{location_id}/appConnectors/{app_connector_id}` + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "beyondcorp.googleapis.com/AppConnector" + } + ]; +} + +// Request message for BeyondCorp.CreateAppConnector. +message CreateAppConnectorRequest { + // Required. The resource project name of the AppConnector location using the + // form: `projects/{project_id}/locations/{location_id}` + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + child_type: "beyondcorp.googleapis.com/AppConnector" + } + ]; + + // Optional. User-settable AppConnector resource ID. + // + // * Must start with a letter. + // * Must contain between 4-63 characters from `/[a-z][0-9]-/`. + // * Must end with a number or a letter. + string app_connector_id = 2 [(google.api.field_behavior) = OPTIONAL]; + + // Required. A BeyondCorp AppConnector resource. + AppConnector app_connector = 3 [(google.api.field_behavior) = REQUIRED]; + + // Optional. An optional request ID to identify requests. Specify a unique + // request ID so that if you must retry your request, the server will know to + // ignore the request if it has already been completed. The server will + // guarantee that for at least 60 minutes since the first request. + // + // For example, consider a situation where you make an initial request and t + // he request times out. If you make the request again with the same request + // ID, the server can check if original operation with the same request ID + // was received, and if so, will ignore the second request. This prevents + // clients from accidentally creating duplicate commitments. + // + // The request ID must be a valid UUID with the exception that zero UUID is + // not supported (00000000-0000-0000-0000-000000000000). + string request_id = 4 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. If set, validates request by executing a dry-run which would not + // alter the resource in any way. + bool validate_only = 5 [(google.api.field_behavior) = OPTIONAL]; +} + +// Request message for BeyondCorp.UpdateAppConnector. +message UpdateAppConnectorRequest { + // Required. Mask of fields to update. At least one path must be supplied in + // this field. The elements of the repeated paths field may only include these + // fields from [BeyondCorp.AppConnector]: + // * `labels` + // * `display_name` + google.protobuf.FieldMask update_mask = 1 + [(google.api.field_behavior) = REQUIRED]; + + // Required. AppConnector message with updated fields. Only supported fields + // specified in update_mask are updated. + AppConnector app_connector = 2 [(google.api.field_behavior) = REQUIRED]; + + // Optional. An optional request ID to identify requests. Specify a unique + // request ID so that if you must retry your request, the server will know to + // ignore the request if it has already been completed. The server will + // guarantee that for at least 60 minutes since the first request. + // + // For example, consider a situation where you make an initial request and t + // he request times out. If you make the request again with the same request + // ID, the server can check if original operation with the same request ID + // was received, and if so, will ignore the second request. This prevents + // clients from accidentally creating duplicate commitments. + // + // The request ID must be a valid UUID with the exception that zero UUID is + // not supported (00000000-0000-0000-0000-000000000000). + string request_id = 3 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. If set, validates request by executing a dry-run which would not + // alter the resource in any way. + bool validate_only = 4 [(google.api.field_behavior) = OPTIONAL]; +} + +// Request message for BeyondCorp.DeleteAppConnector. +message DeleteAppConnectorRequest { + // Required. BeyondCorp AppConnector name using the form: + // `projects/{project_id}/locations/{location_id}/appConnectors/{app_connector_id}` + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "beyondcorp.googleapis.com/AppConnector" + } + ]; + + // Optional. An optional request ID to identify requests. Specify a unique + // request ID so that if you must retry your request, the server will know to + // ignore the request if it has already been completed. The server will + // guarantee that for at least 60 minutes after the first request. + // + // For example, consider a situation where you make an initial request and t + // he request times out. If you make the request again with the same request + // ID, the server can check if original operation with the same request ID + // was received, and if so, will ignore the second request. This prevents + // clients from accidentally creating duplicate commitments. + // + // The request ID must be a valid UUID with the exception that zero UUID is + // not supported (00000000-0000-0000-0000-000000000000). + string request_id = 2 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. If set, validates request by executing a dry-run which would not + // alter the resource in any way. + bool validate_only = 3 [(google.api.field_behavior) = OPTIONAL]; +} + +// Request report the connector status. +message ReportStatusRequest { + // Required. BeyondCorp Connector name using the form: + // `projects/{project_id}/locations/{location_id}/connectors/{connector}` + string app_connector = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "beyondcorp.googleapis.com/AppConnector" + } + ]; + + // Required. Resource info of the connector. + ResourceInfo resource_info = 2 [(google.api.field_behavior) = REQUIRED]; + + // Optional. An optional request ID to identify requests. Specify a unique + // request ID so that if you must retry your request, the server will know to + // ignore the request if it has already been completed. The server will + // guarantee that for at least 60 minutes since the first request. + // + // For example, consider a situation where you make an initial request and t + // he request times out. If you make the request again with the same request + // ID, the server can check if original operation with the same request ID + // was received, and if so, will ignore the second request. This prevents + // clients from accidentally creating duplicate commitments. + // + // The request ID must be a valid UUID with the exception that zero UUID is + // not supported (00000000-0000-0000-0000-000000000000). + string request_id = 3 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. If set, validates request by executing a dry-run which would not + // alter the resource in any way. + bool validate_only = 4 [(google.api.field_behavior) = OPTIONAL]; +} + +// A BeyondCorp connector resource that represents an application facing +// component deployed proximal to and with direct access to the application +// instances. It is used to establish connectivity between the remote enterprise +// environment and GCP. It initiates connections to the applications and can +// proxy the data from users over the connection. +message AppConnector { + option (google.api.resource) = { + type: "beyondcorp.googleapis.com/AppConnector" + pattern: "projects/{project}/locations/{location}/appConnectors/{app_connector}" + }; + + // PrincipalInfo represents an Identity oneof. + message PrincipalInfo { + // ServiceAccount represents a GCP service account. + message ServiceAccount { + // Email address of the service account. + string email = 1; + } + + oneof type { + // A GCP service account. + ServiceAccount service_account = 1; + } + } + + // Represents the different states of a AppConnector. + enum State { + // Default value. This value is unused. + STATE_UNSPECIFIED = 0; + + // AppConnector is being created. + CREATING = 1; + + // AppConnector has been created. + CREATED = 2; + + // AppConnector's configuration is being updated. + UPDATING = 3; + + // AppConnector is being deleted. + DELETING = 4; + + // AppConnector is down and may be restored in the future. + // This happens when CCFE sends ProjectState = OFF. + DOWN = 5; + } + + // Required. Unique resource name of the AppConnector. + // The name is ignored when creating a AppConnector. + string name = 1 [(google.api.field_behavior) = REQUIRED]; + + // Output only. Timestamp when the resource was created. + google.protobuf.Timestamp create_time = 2 + [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. Timestamp when the resource was last modified. + google.protobuf.Timestamp update_time = 3 + [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Optional. Resource labels to represent user provided metadata. + map labels = 4 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. An arbitrary user-provided name for the AppConnector. Cannot + // exceed 64 characters. + string display_name = 5 [(google.api.field_behavior) = OPTIONAL]; + + // Output only. A unique identifier for the instance generated by the + // system. + string uid = 6 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. The current state of the AppConnector. + State state = 7 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Required. Principal information about the Identity of the AppConnector. + PrincipalInfo principal_info = 8 [(google.api.field_behavior) = REQUIRED]; + + // Optional. Resource info of the connector. + ResourceInfo resource_info = 11 [(google.api.field_behavior) = OPTIONAL]; +} + +// Represents the metadata of the long-running operation. +message AppConnectorOperationMetadata { + // Output only. The time the operation was created. + google.protobuf.Timestamp create_time = 1 + [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. The time the operation finished running. + google.protobuf.Timestamp end_time = 2 + [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. Server-defined resource path for the target of the operation. + string target = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. Name of the verb executed by the operation. + string verb = 4 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. Human-readable status of the operation, if any. + string status_message = 5 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. Identifies whether the user has requested cancellation + // of the operation. Operations that have successfully been cancelled + // have [Operation.error][] value with a + // [google.rpc.Status.code][google.rpc.Status.code] of 1, corresponding to + // `Code.CANCELLED`. + bool requested_cancellation = 6 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. API version used to start the operation. + string api_version = 7 [(google.api.field_behavior) = OUTPUT_ONLY]; +} diff --git a/google/cloud/beyondcorp/appconnectors/v1/beyondcorp-appconnectors_grpc_service_config.json b/google/cloud/beyondcorp/appconnectors/v1/beyondcorp-appconnectors_grpc_service_config.json new file mode 100644 index 000000000..4f48c9a29 --- /dev/null +++ b/google/cloud/beyondcorp/appconnectors/v1/beyondcorp-appconnectors_grpc_service_config.json @@ -0,0 +1,26 @@ + +{ + "methodConfig": [{ + "name": [ + { "service": "google.cloud.beyondcorp.appconnectors.v1", "method": "ListAppConnectors" }, + { "service": "google.cloud.beyondcorp.appconnectors.v1", "method": "GetAppConnector" } + ], + "timeout": "60s", + "retryPolicy": { + "maxAttempts": 5, + "initialBackoff": "1s", + "maxBackoff": "10s", + "backoffMultiplier": 1.3, + "retryableStatusCodes": ["UNAVAILABLE"] + } + }, + { + "name": [ + { "service": "google.cloud.beyondcorp.appconnectors.v1", "method": "CreateAppConnector" }, + { "service": "google.cloud.beyondcorp.appconnectors.v1", "method": "UpdateAppConnector" }, + { "service": "google.cloud.beyondcorp.appconnectors.v1", "method": "DeleteAppConnector" }, + { "service": "google.cloud.beyondcorp.appconnectors.v1", "method": "ReportStatus" } + ], + "timeout": "60s" + }] +} diff --git a/google/cloud/beyondcorp/appconnectors/v1/beyondcorp_v1.yaml b/google/cloud/beyondcorp/appconnectors/v1/beyondcorp_v1.yaml new file mode 100644 index 000000000..8920a34cf --- /dev/null +++ b/google/cloud/beyondcorp/appconnectors/v1/beyondcorp_v1.yaml @@ -0,0 +1,132 @@ +type: google.api.Service +config_version: 3 +name: beyondcorp.googleapis.com +title: BeyondCorp API + +apis: +- name: google.cloud.beyondcorp.appconnectors.v1.AppConnectorsService +- name: google.cloud.location.Locations +- name: google.iam.v1.IAMPolicy +- name: google.longrunning.Operations + +types: +- name: google.cloud.beyondcorp.appconnectors.v1.AppConnectorOperationMetadata + +documentation: + summary: |- + Beyondcorp Enterprise provides identity and context aware access controls + for enterprise resources and enables zero-trust access. Using the + Beyondcorp Enterprise APIs, enterprises can set up multi-cloud and on-prem + connectivity using the App Connector hybrid connectivity solution. + rules: + - selector: google.cloud.location.Locations.GetLocation + description: Gets information about a location. + + - selector: google.cloud.location.Locations.ListLocations + description: Lists information about the supported locations for this service. + + - selector: google.iam.v1.IAMPolicy.GetIamPolicy + description: |- + Gets the access control policy for a resource. Returns an empty policy + if the resource exists and does not have a policy set. + + - selector: google.iam.v1.IAMPolicy.SetIamPolicy + description: |- + Sets the access control policy on the specified resource. Replaces + any existing policy. + + Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` + errors. + + - selector: google.iam.v1.IAMPolicy.TestIamPermissions + description: |- + Returns permissions that a caller has on the specified resource. If the + resource does not exist, this will return an empty set of + permissions, not a `NOT_FOUND` error. + + Note: This operation is designed to be used for building + permission-aware UIs and command-line tools, not for authorization + checking. This operation may "fail open" without warning. + +backend: + rules: + - selector: 'google.cloud.beyondcorp.appconnectors.v1.AppConnectorsService.*' + deadline: 60.0 + - selector: google.cloud.location.Locations.GetLocation + deadline: 60.0 + - selector: google.cloud.location.Locations.ListLocations + deadline: 60.0 + - selector: 'google.iam.v1.IAMPolicy.*' + deadline: 60.0 + - selector: 'google.longrunning.Operations.*' + deadline: 60.0 + +http: + rules: + - selector: google.cloud.location.Locations.GetLocation + get: '/v1/{name=projects/*/locations/*}' + - selector: google.cloud.location.Locations.ListLocations + get: '/v1/{name=projects/*}/locations' + - selector: google.iam.v1.IAMPolicy.GetIamPolicy + get: '/v1/{resource=projects/*/locations/*/appConnections/*}:getIamPolicy' + additional_bindings: + - get: '/v1/{resource=projects/*/locations/*/appConnectors/*}:getIamPolicy' + - get: '/v1/{resource=projects/*/locations/*/appGateways/*}:getIamPolicy' + - get: '/v1/{resource=projects/*/locations/*/clientConnectorServices/*}:getIamPolicy' + - get: '/v1/{resource=projects/*/locations/*/clientGateways/*}:getIamPolicy' + - selector: google.iam.v1.IAMPolicy.SetIamPolicy + post: '/v1/{resource=projects/*/locations/*/appConnections/*}:setIamPolicy' + body: '*' + additional_bindings: + - post: '/v1/{resource=projects/*/locations/*/appConnectors/*}:setIamPolicy' + body: '*' + - post: '/v1/{resource=projects/*/locations/*/appGateways/*}:setIamPolicy' + body: '*' + - post: '/v1/{resource=projects/*/locations/*/clientConnectorServices/*}:setIamPolicy' + body: '*' + - post: '/v1/{resource=projects/*/locations/*/clientGateways/*}:setIamPolicy' + body: '*' + - selector: google.iam.v1.IAMPolicy.TestIamPermissions + post: '/v1/{resource=projects/*/locations/*/appConnections/*}:testIamPermissions' + body: '*' + additional_bindings: + - post: '/v1/{resource=projects/*/locations/*/appConnectors/*}:testIamPermissions' + body: '*' + - post: '/v1/{resource=projects/*/locations/*/appGateways/*}:testIamPermissions' + body: '*' + - post: '/v1/{resource=projects/*/locations/*/clientConnectorServices/*}:testIamPermissions' + body: '*' + - post: '/v1/{resource=projects/*/locations/*/clientGateways/*}:testIamPermissions' + body: '*' + - selector: google.longrunning.Operations.CancelOperation + post: '/v1/{name=projects/*/locations/*/operations/*}:cancel' + body: '*' + - selector: google.longrunning.Operations.DeleteOperation + delete: '/v1/{name=projects/*/locations/*/operations/*}' + - selector: google.longrunning.Operations.GetOperation + get: '/v1/{name=projects/*/locations/*/operations/*}' + - selector: google.longrunning.Operations.ListOperations + get: '/v1/{name=projects/*/locations/*}/operations' + +authentication: + rules: + - selector: 'google.cloud.beyondcorp.appconnectors.v1.AppConnectorsService.*' + oauth: + canonical_scopes: |- + https://www.googleapis.com/auth/cloud-platform + - selector: google.cloud.location.Locations.GetLocation + oauth: + canonical_scopes: |- + https://www.googleapis.com/auth/cloud-platform + - selector: google.cloud.location.Locations.ListLocations + oauth: + canonical_scopes: |- + https://www.googleapis.com/auth/cloud-platform + - selector: 'google.iam.v1.IAMPolicy.*' + oauth: + canonical_scopes: |- + https://www.googleapis.com/auth/cloud-platform + - selector: 'google.longrunning.Operations.*' + oauth: + canonical_scopes: |- + https://www.googleapis.com/auth/cloud-platform diff --git a/google/cloud/beyondcorp/appconnectors/v1/resource_info.proto b/google/cloud/beyondcorp/appconnectors/v1/resource_info.proto new file mode 100644 index 000000000..d7f26d53c --- /dev/null +++ b/google/cloud/beyondcorp/appconnectors/v1/resource_info.proto @@ -0,0 +1,76 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package google.cloud.beyondcorp.appconnectors.v1; + +import "google/api/field_behavior.proto"; +import "google/protobuf/any.proto"; +import "google/protobuf/timestamp.proto"; + +option csharp_namespace = "Google.Cloud.BeyondCorp.AppConnectors.V1"; +option go_package = "google.golang.org/genproto/googleapis/cloud/beyondcorp/appconnectors/v1;appconnectors"; +option java_multiple_files = true; +option java_outer_classname = "ResourceInfoProto"; +option java_package = "com.google.cloud.beyondcorp.appconnectors.v1"; +option php_namespace = "Google\\Cloud\\BeyondCorp\\AppConnectors\\V1"; +option ruby_package = "Google::Cloud::BeyondCorp::AppConnectors::V1"; + +// HealthStatus represents the health status. +enum HealthStatus { + // Health status is unknown: not initialized or failed to retrieve. + HEALTH_STATUS_UNSPECIFIED = 0; + + // The resource is healthy. + HEALTHY = 1; + + // The resource is unhealthy. + UNHEALTHY = 2; + + // The resource is unresponsive. + UNRESPONSIVE = 3; + + // Some sub-resources are UNHEALTHY. + DEGRADED = 4; +} + +// ResourceInfo represents the information/status of an app connector resource. +// Such as: +// - remote_agent +// - container +// - runtime +// - appgateway +// - appconnector +// - appconnection +// - tunnel +// - logagent +message ResourceInfo { + // Required. Unique Id for the resource. + string id = 1 [(google.api.field_behavior) = REQUIRED]; + + // Overall health status. Overall status is derived based on the status of + // each sub level resources. + HealthStatus status = 2; + + // Specific details for the resource. This is for internal use only. + google.protobuf.Any resource = 3; + + // The timestamp to collect the info. It is suggested to be set by + // the topmost level resource only. + google.protobuf.Timestamp time = 4; + + // List of Info for the sub level resources. + repeated ResourceInfo sub = 5; +}