From cd897429336a508c2410ef810ed6380ec5a4c44a Mon Sep 17 00:00:00 2001 From: Google APIs Date: Mon, 12 Jun 2023 12:25:22 -0700 Subject: [PATCH] feat: Added new SSL modes ALLOW_UNENCRYPTED_AND_ENCRYPTED, ENCRYPTED_ONLY feat: Added support for continuous backups feat: Added support for cross-region replication (secondary clusters/instances and promotion) feat: Added users API feat: Added fault injection API fix: Deprecated SSL modes SSL_MODE_ALLOW, SSL_MODE_REQUIRE, SSL_MODE_VERIFY_CA PiperOrigin-RevId: 539728978 --- google/cloud/alloydb/v1/alloydb_v1.yaml | 26 +- google/cloud/alloydb/v1/resources.proto | 175 ++++++++-- google/cloud/alloydb/v1/service.proto | 417 +++++++++++++++++++++++- 3 files changed, 573 insertions(+), 45 deletions(-) diff --git a/google/cloud/alloydb/v1/alloydb_v1.yaml b/google/cloud/alloydb/v1/alloydb_v1.yaml index f20d021d4..0b49fa8fe 100644 --- a/google/cloud/alloydb/v1/alloydb_v1.yaml +++ b/google/cloud/alloydb/v1/alloydb_v1.yaml @@ -109,20 +109,16 @@ authentication: https://www.googleapis.com/auth/cloud-platform publishing: - organization: CLOUD - new_issue_uri: 'https://issuetracker.google.com/issues/new?component=1029828' - documentation_uri: 'https://cloud.google.com/alloydb/docs' - api_short_name: 'alloydb' + new_issue_uri: https://issuetracker.google.com/issues/new?component=1194526&template=1689942 + documentation_uri: https://cloud.google.com/alloydb/docs + api_short_name: alloydb github_label: 'api: alloydb' - doc_tag_prefix: 'alloydb' - codeowner_github_teams: + doc_tag_prefix: alloydb + organization: CLOUD library_settings: - - version: 'google.cloud.alloydb.v1' + - version: google.cloud.alloydb.v1 launch_stage: GA - rest_numeric_enums: false java_settings: - library_package: '' - service_class_names: common: destinations: - PACKAGE_MANAGER @@ -154,12 +150,9 @@ publishing: common: destinations: - PACKAGE_MANAGER - - version: 'google.cloud.alloydb.v1beta' + - version: google.cloud.alloydb.v1beta launch_stage: BETA - rest_numeric_enums: false java_settings: - library_package: '' - service_class_names: common: destinations: - PACKAGE_MANAGER @@ -191,12 +184,9 @@ publishing: common: destinations: - PACKAGE_MANAGER - - version: 'google.cloud.alloydb.v1alpha' + - version: google.cloud.alloydb.v1alpha launch_stage: ALPHA - rest_numeric_enums: false java_settings: - library_package: '' - service_class_names: common: destinations: - PACKAGE_MANAGER diff --git a/google/cloud/alloydb/v1/resources.proto b/google/cloud/alloydb/v1/resources.proto index 65d71d77c..22b82d56d 100644 --- a/google/cloud/alloydb/v1/resources.proto +++ b/google/cloud/alloydb/v1/resources.proto @@ -1,4 +1,4 @@ -// Copyright 2022 Google LLC +// Copyright 2023 Google LLC // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -40,18 +40,6 @@ option (google.api.resource_definition) = { pattern: "projects/{project}/global/networks/{network}" }; -// The supported database engine versions. -enum DatabaseVersion { - // This is an unknown database version. - DATABASE_VERSION_UNSPECIFIED = 0; - - // DEPRECATED - The database version is Postgres 13. - POSTGRES_13 = 1 [deprecated = true]; - - // The database version is Postgres 14. - POSTGRES_14 = 2; -} - // View on Instance. Pass this enum to rpcs that returns an Instance message to // control which subsets of fields to get. enum InstanceView { @@ -68,6 +56,35 @@ enum InstanceView { INSTANCE_VIEW_FULL = 2; } +// View on Cluster. Pass this enum to rpcs that returns a cluster message to +// control which subsets of fields to get. +enum ClusterView { + // CLUSTER_VIEW_UNSPECIFIED Not specified, equivalent to BASIC. + CLUSTER_VIEW_UNSPECIFIED = 0; + + // BASIC server responses include all the relevant cluster details, excluding + // Cluster.ContinuousBackupInfo.EarliestRestorableTime and other view-specific + // fields. The default value. + CLUSTER_VIEW_BASIC = 1; + + // CONTINUOUS_BACKUP response returns all the fields from BASIC plus + // the earliest restorable time if continuous backups are enabled. + // May increase latency. + CLUSTER_VIEW_CONTINUOUS_BACKUP = 2; +} + +// The supported database engine versions. +enum DatabaseVersion { + // This is an unknown database version. + DATABASE_VERSION_UNSPECIFIED = 0; + + // DEPRECATED - The database version is Postgres 13. + POSTGRES_13 = 1 [deprecated = true]; + + // The database version is Postgres 14. + POSTGRES_14 = 2; +} + // The username/password for a database user. Used for specifying initial // users at cluster creation time. message UserPassword { @@ -141,25 +158,31 @@ message EncryptionInfo { ]; } -// SSL configuration for an AlloyDB Cluster. +// SSL configuration. message SslConfig { // SSL mode options. enum SslMode { - // SSL mode not specified. Defaults to SSL_MODE_ALLOW. + // SSL mode not specified. Defaults to ENCRYPTED_ONLY. SSL_MODE_UNSPECIFIED = 0; // SSL connections are optional. CA verification not enforced. - SSL_MODE_ALLOW = 1; + SSL_MODE_ALLOW = 1 [deprecated = true]; // SSL connections are required. CA verification not enforced. // Clients may use locally self-signed certificates (default psql client // behavior). - SSL_MODE_REQUIRE = 2; + SSL_MODE_REQUIRE = 2 [deprecated = true]; // SSL connections are required. CA verification enforced. // Clients must have certificates signed by a Cluster CA, e.g. via // GenerateClientCertificate. - SSL_MODE_VERIFY_CA = 3; + SSL_MODE_VERIFY_CA = 3 [deprecated = true]; + + // SSL connections are optional. CA verification not enforced. + ALLOW_UNENCRYPTED_AND_ENCRYPTED = 4; + + // SSL connections are required. CA verification not enforced. + ENCRYPTED_ONLY = 5; } // Certificate Authority (CA) source for SSL/TLS certificates. @@ -279,6 +302,48 @@ message AutomatedBackupPolicy { map labels = 7; } +// ContinuousBackupConfig describes the continuous backups recovery +// configurations of a cluster. +message ContinuousBackupConfig { + // Whether ContinuousBackup is enabled. + optional bool enabled = 1; + + // The number of days backups and logs will be retained, which determines the + // window of time that data is recoverable for. If not set, it defaults to 14 + // days. + int32 recovery_window_days = 4; + + // The encryption config can be specified to encrypt the + // backups with a customer-managed encryption key (CMEK). When this field is + // not specified, the backup will then use default encryption scheme to + // protect the user data. + EncryptionConfig encryption_config = 3; +} + +// ContinuousBackupInfo describes the continuous backup properties of a +// cluster. +message ContinuousBackupInfo { + // Output only. The encryption information for the WALs and backups required + // for ContinuousBackup. + EncryptionInfo encryption_info = 1 + [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. When ContinuousBackup was most recently enabled. Set to null + // if ContinuousBackup is not enabled. + google.protobuf.Timestamp enabled_time = 2 + [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. Days of the week on which a continuous backup is taken. Output + // only field. Ignored if passed into the request. + repeated google.type.DayOfWeek schedule = 3 + [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Output only. The earliest restorable time that can be restored to. Output + // only field. + google.protobuf.Timestamp earliest_restorable_time = 4 + [(google.api.field_behavior) = OUTPUT_ONLY]; +} + // Message describing a BackupSource. message BackupSource { // Output only. The system-generated UID of the backup which was used to @@ -294,6 +359,18 @@ message BackupSource { ]; } +// Message describing a ContinuousBackupSource. +message ContinuousBackupSource { + // Required. The source cluster from which to restore. This cluster must have + // continuous backup enabled for this operation to succeed. For the required + // format, see the comment on the Cluster.name field. + string cluster = 1 [(google.api.field_behavior) = REQUIRED]; + + // Required. The point in time to restore to. + google.protobuf.Timestamp point_in_time = 2 + [(google.api.field_behavior) = REQUIRED]; +} + // A cluster is a collection of regional AlloyDB resources. It can include a // primary instance and one or more read pool instances. // All cluster resources share a storage layer, which scales as needed. @@ -470,8 +547,8 @@ message Cluster { // documentation for the message type. AutomatedBackupPolicy automated_backup_policy = 17; - // SSL configuration for this AlloyDB Cluster. - SslConfig ssl_config = 18; + // SSL configuration for this AlloyDB cluster. + SslConfig ssl_config = 18 [deprecated = true]; // Optional. The encryption config can be specified to encrypt the data disks // and other persistent data resources of a cluster with a @@ -485,6 +562,14 @@ message Cluster { EncryptionInfo encryption_info = 20 [(google.api.field_behavior) = OUTPUT_ONLY]; + // Optional. Continuous backup configuration for this cluster. + ContinuousBackupConfig continuous_backup_config = 27 + [(google.api.field_behavior) = OPTIONAL]; + + // Output only. Continuous backup properties for this cluster. + ContinuousBackupInfo continuous_backup_info = 28 + [(google.api.field_behavior) = OUTPUT_ONLY]; + // Cross Region replication config specific to SECONDARY cluster. SecondaryConfig secondary_config = 22; @@ -610,10 +695,11 @@ message Instance { } // The Availability type of an instance. Potential values: + // // - ZONAL: The instance serves data from only one zone. Outages in that - // zone affect instance availability. + // zone affect instance availability. // - REGIONAL: The instance can serve data from more than one zone in a - // region (it is highly available). + // region (it is highly available). enum AvailabilityType { // This is an unknown Availability type. AVAILABILITY_TYPE_UNSPECIFIED = 0; @@ -669,8 +755,11 @@ message Instance { MachineConfig machine_config = 10; // Availability type of an Instance. - // Defaults to REGIONAL for both primary and read instances. - // Note that primary and read instances can have different availability types. + // If empty, defaults to REGIONAL for primary instances. + // For read pools, availability_type is always UNSPECIFIED. Instances in the + // read pools are evenly distributed across available zones within the region + // (i.e. read pools with more than one node will have a node in at + // least two zones). AvailabilityType availability_type = 11; // The Compute Engine zone that the instance should serve from, per @@ -822,7 +911,7 @@ message Backup { string cluster_uid = 18 [(google.api.field_behavior) = OUTPUT_ONLY]; // Required. The full resource name of the backup source cluster - // (e.g., projects//locations//clusters/). + // (e.g., projects/{project}/locations/{region}/clusters/{cluster_id}). string cluster_name = 10 [ (google.api.field_behavior) = REQUIRED, (google.api.resource_reference) = { type: "alloydb.googleapis.com/Cluster" } @@ -943,3 +1032,39 @@ message SupportedDatabaseFlag { // availability SLO's). bool requires_db_restart = 6; } + +// Message describing User object. +message User { + option (google.api.resource) = { + type: "alloydb.googleapis.com/User" + pattern: "projects/{project}/locations/{location}/clusters/{cluster}/users/{user}" + style: DECLARATIVE_FRIENDLY + }; + + // Enum that details the user type. + enum UserType { + // Unspecified user type. + USER_TYPE_UNSPECIFIED = 0; + + // The default user type that authenticates via password-based + // authentication. + ALLOYDB_BUILT_IN = 1; + + // Database user that can authenticate via IAM-Based authentication. + ALLOYDB_IAM_USER = 2; + } + + // Output only. Name of the resource in the form of + // projects/{project}/locations/{location}/cluster/{cluster}/users/{user}. + string name = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // Input only. Password for the user. + string password = 2 [(google.api.field_behavior) = INPUT_ONLY]; + + // Optional. List of database roles this user has. + // The database role strings are subject to the PostgreSQL naming conventions. + repeated string database_roles = 4 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. Type of this user. + UserType user_type = 5 [(google.api.field_behavior) = OPTIONAL]; +} diff --git a/google/cloud/alloydb/v1/service.proto b/google/cloud/alloydb/v1/service.proto index ddc8ad705..4b4a87231 100644 --- a/google/cloud/alloydb/v1/service.proto +++ b/google/cloud/alloydb/v1/service.proto @@ -1,4 +1,4 @@ -// Copyright 2022 Google LLC +// Copyright 2023 Google LLC // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -98,6 +98,23 @@ service AlloyDBAdmin { }; } + // Promotes a SECONDARY cluster. This turns down replication + // from the PRIMARY cluster and promotes a secondary cluster + // into its own standalone cluster. + // Imperative only. + rpc PromoteCluster(PromoteClusterRequest) + returns (google.longrunning.Operation) { + option (google.api.http) = { + post: "/v1/{name=projects/*/locations/*/clusters/*}:promote" + body: "*" + }; + option (google.api.method_signature) = "name"; + option (google.longrunning.operation_info) = { + response_type: "Cluster" + metadata_type: "OperationMetadata" + }; + } + // Creates a new Cluster in a given project and location, with a volume // restored from the provided source, either a backup ID or a point-in-time // and a source cluster. @@ -113,6 +130,21 @@ service AlloyDBAdmin { }; } + // Creates a cluster of type SECONDARY in the given location using + // the primary cluster as the source. + rpc CreateSecondaryCluster(CreateSecondaryClusterRequest) + returns (google.longrunning.Operation) { + option (google.api.http) = { + post: "/v1/{parent=projects/*/locations/*}/clusters:createsecondary" + body: "cluster" + }; + option (google.api.method_signature) = "parent,cluster,cluster_id"; + option (google.longrunning.operation_info) = { + response_type: "Cluster" + metadata_type: "OperationMetadata" + }; + } + // Lists Instances in a given project and location. rpc ListInstances(ListInstancesRequest) returns (ListInstancesResponse) { option (google.api.http) = { @@ -143,6 +175,20 @@ service AlloyDBAdmin { }; } + // Creates a new SECONDARY Instance in a given project and location. + rpc CreateSecondaryInstance(CreateSecondaryInstanceRequest) + returns (google.longrunning.Operation) { + option (google.api.http) = { + post: "/v1/{parent=projects/*/locations/*/clusters/*}/instances:createsecondary" + body: "instance" + }; + option (google.api.method_signature) = "parent,instance,instance_id"; + option (google.longrunning.operation_info) = { + response_type: "Instance" + metadata_type: "OperationMetadata" + }; + } + // Creates new instances under the given project, location and cluster. // There can be only one primary instance in a cluster. If the primary // instance exists in the cluster as well as this request, then API will @@ -208,6 +254,20 @@ service AlloyDBAdmin { }; } + // Injects fault in an instance. + // Imperative only. + rpc InjectFault(InjectFaultRequest) returns (google.longrunning.Operation) { + option (google.api.http) = { + post: "/v1/{name=projects/*/locations/*/clusters/*/instances/*}:injectFault" + body: "*" + }; + option (google.api.method_signature) = "fault_type,name"; + option (google.longrunning.operation_info) = { + response_type: "Instance" + metadata_type: "OperationMetadata" + }; + } + // Restart an Instance in a cluster. // Imperative only. rpc RestartInstance(RestartInstanceRequest) @@ -285,6 +345,48 @@ service AlloyDBAdmin { }; option (google.api.method_signature) = "parent"; } + + // Lists Users in a given project and location. + rpc ListUsers(ListUsersRequest) returns (ListUsersResponse) { + option (google.api.http) = { + get: "/v1/{parent=projects/*/locations/*/clusters/*}/users" + }; + option (google.api.method_signature) = "parent"; + } + + // Gets details of a single User. + rpc GetUser(GetUserRequest) returns (User) { + option (google.api.http) = { + get: "/v1/{name=projects/*/locations/*/clusters/*/users/*}" + }; + option (google.api.method_signature) = "name"; + } + + // Creates a new User in a given project, location, and cluster. + rpc CreateUser(CreateUserRequest) returns (User) { + option (google.api.http) = { + post: "/v1/{parent=projects/*/locations/*/clusters/*}/users" + body: "user" + }; + option (google.api.method_signature) = "parent,user,user_id"; + } + + // Updates the parameters of a single User. + rpc UpdateUser(UpdateUserRequest) returns (User) { + option (google.api.http) = { + patch: "/v1/{user.name=projects/*/locations/*/clusters/*/users/*}" + body: "user" + }; + option (google.api.method_signature) = "user,update_mask"; + } + + // Deletes a single User. + rpc DeleteUser(DeleteUserRequest) returns (google.protobuf.Empty) { + option (google.api.http) = { + delete: "/v1/{name=projects/*/locations/*/clusters/*/users/*}" + }; + option (google.api.method_signature) = "name"; + } } // Message for requesting list of Clusters @@ -334,11 +436,52 @@ message GetClusterRequest { (google.api.field_behavior) = REQUIRED, (google.api.resource_reference) = { type: "alloydb.googleapis.com/Cluster" } ]; + + // Optional. The view of the cluster to return. Returns all default fields if + // not set. + ClusterView view = 2 [(google.api.field_behavior) = OPTIONAL]; +} + +message CreateSecondaryClusterRequest { + // Required. The location of the new cluster. For the required + // format, see the comment on the Cluster.name field. + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + child_type: "alloydb.googleapis.com/Cluster" + } + ]; + + // Required. ID of the requesting object (the secondary cluster). + string cluster_id = 2 [(google.api.field_behavior) = REQUIRED]; + + // Required. Configuration of the requesting object (the secondary cluster). + Cluster cluster = 3 [(google.api.field_behavior) = REQUIRED]; + + // Optional. An optional request ID to identify requests. Specify a unique + // request ID so that if you must retry your request, the server will know to + // ignore the request if it has already been completed. The server will + // guarantee that for at least 60 minutes since the first request. + // + // For example, consider a situation where you make an initial request and + // the request times out. If you make the request again with the same request + // ID, the server can check if original operation with the same request ID + // was received, and if so, will ignore the second request. This prevents + // clients from accidentally creating duplicate commitments. + // + // The request ID must be a valid UUID with the exception that zero UUID is + // not supported (00000000-0000-0000-0000-000000000000). + string request_id = 5 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. If set, performs request validation (e.g. permission checks and + // any other type of validation), but do not actually execute the create + // request. + bool validate_only = 6 [(google.api.field_behavior) = OPTIONAL]; } // Message for creating a Cluster message CreateClusterRequest { - // Required. The name of the parent resource. For the required format, see the + // Required. The location of the new cluster. For the required format, see the // comment on the Cluster.name field. string parent = 1 [ (google.api.field_behavior) = REQUIRED, @@ -449,6 +592,40 @@ message DeleteClusterRequest { bool force = 5 [(google.api.field_behavior) = OPTIONAL]; } +// Message for promoting a Cluster +message PromoteClusterRequest { + // Required. The name of the resource. For the required format, see the + // comment on the Cluster.name field + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { type: "alloydb.googleapis.com/Cluster" } + ]; + + // Optional. An optional request ID to identify requests. Specify a unique + // request ID so that if you must retry your request, the server will know to + // ignore the request if it has already been completed. The server will + // guarantee that for at least 60 minutes after the first request. + // + // For example, consider a situation where you make an initial request and + // the request times out. If you make the request again with the same request + // ID, the server can check if original operation with the same request ID + // was received, and if so, will ignore the second request. This prevents + // clients from accidentally creating duplicate commitments. + // + // The request ID must be a valid UUID with the exception that zero UUID is + // not supported (00000000-0000-0000-0000-000000000000). + string request_id = 2 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. The current etag of the Cluster. + // If an etag is provided and does not match the current etag of the Cluster, + // deletion will be blocked and an ABORTED error will be returned. + string etag = 3 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. If set, performs request validation (e.g. permission checks and + // any other type of validation), but do not actually execute the delete. + bool validate_only = 4 [(google.api.field_behavior) = OPTIONAL]; +} + // Message for restoring a Cluster from a backup or another cluster at a given // point in time. message RestoreClusterRequest { @@ -457,6 +634,10 @@ message RestoreClusterRequest { oneof source { // Backup source. BackupSource backup_source = 4; + + // ContinuousBackup source. Continuous backup needs to be enabled in the + // source cluster for this operation to succeed. + ContinuousBackupSource continuous_backup_source = 8; } // Required. The name of the parent resource. For the required format, see the @@ -589,6 +770,44 @@ message CreateInstanceRequest { bool validate_only = 5 [(google.api.field_behavior) = OPTIONAL]; } +// Message for creating a Secondary Instance +message CreateSecondaryInstanceRequest { + // Required. The name of the parent resource. For the required format, see the + // comment on the Instance.name field. + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + child_type: "alloydb.googleapis.com/Instance" + } + ]; + + // Required. ID of the requesting object. + string instance_id = 2 [(google.api.field_behavior) = REQUIRED]; + + // Required. The resource being created + Instance instance = 3 [(google.api.field_behavior) = REQUIRED]; + + // Optional. An optional request ID to identify requests. Specify a unique + // request ID so that if you must retry your request, the server will know to + // ignore the request if it has already been completed. The server will + // guarantee that for at least 60 minutes since the first request. + // + // For example, consider a situation where you make an initial request and + // the request times out. If you make the request again with the same request + // ID, the server can check if original operation with the same request ID + // was received, and if so, will ignore the second request. This prevents + // clients from accidentally creating duplicate commitments. + // + // The request ID must be a valid UUID with the exception that zero UUID is + // not supported (00000000-0000-0000-0000-000000000000). + string request_id = 4 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. If set, performs request validation (e.g. permission checks and + // any other type of validation), but do not actually execute the create + // request. + bool validate_only = 5 [(google.api.field_behavior) = OPTIONAL]; +} + // See usage below for notes. message CreateInstanceRequests { // Required. Primary and read replica instances to be created. This list @@ -633,6 +852,7 @@ message BatchCreateInstancesResponse { } // Message for metadata that is specific to BatchCreateInstances API. +// NEXT_ID: 3 message BatchCreateInstancesMetadata { // The instances being created in the API call. Each string in this list // is the server defined resource path for target instances in the request @@ -660,6 +880,7 @@ message BatchCreateInstancesMetadata { // 2. Instance2 = ROLLED_BACK // 3. Instance3 = FAILED // 4. Instance4 = FAILED +// // However, while the operation is running, the instance might be in other // states including PENDING_CREATE, ACTIVE, DELETING and CREATING. The states // / do not get further updated once the operation is done. @@ -819,6 +1040,51 @@ message FailoverInstanceRequest { bool validate_only = 3 [(google.api.field_behavior) = OPTIONAL]; } +// Message for triggering fault injection on an instance +message InjectFaultRequest { + // FaultType contains all valid types of faults that can be injected to an + // instance. + enum FaultType { + // The fault type is unknown. + FAULT_TYPE_UNSPECIFIED = 0; + + // Stop the VM + STOP_VM = 1; + } + + // Required. The type of fault to be injected in an instance. + FaultType fault_type = 1 [(google.api.field_behavior) = REQUIRED]; + + // Required. The name of the resource. For the required format, see the + // comment on the Instance.name field. + string name = 2 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "alloydb.googleapis.com/Instance" + } + ]; + + // Optional. An optional request ID to identify requests. Specify a unique + // request ID so that if you must retry your request, the server will know to + // ignore the request if it has already been completed. The server will + // guarantee that for at least 60 minutes after the first request. + // + // For example, consider a situation where you make an initial request and + // the request times out. If you make the request again with the same request + // ID, the server can check if original operation with the same request ID + // was received, and if so, will ignore the second request. This prevents + // clients from accidentally creating duplicate commitments. + // + // The request ID must be a valid UUID with the exception that zero UUID is + // not supported (00000000-0000-0000-0000-000000000000). + string request_id = 3 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. If set, performs request validation (e.g. permission checks and + // any other type of validation), but do not actually execute the fault + // injection. + bool validate_only = 4 [(google.api.field_behavior) = OPTIONAL]; +} + message RestartInstanceRequest { // Required. The name of the resource. For the required format, see the // comment on the Instance.name field. @@ -1070,3 +1336,150 @@ message OperationMetadata { // Output only. API version used to start the operation. string api_version = 7 [(google.api.field_behavior) = OUTPUT_ONLY]; } + +// Message for requesting list of Users +message ListUsersRequest { + // Required. Parent value for ListUsersRequest + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + child_type: "alloydb.googleapis.com/User" + } + ]; + + // Optional. Requested page size. Server may return fewer items than + // requested. If unspecified, server will pick an appropriate default. + int32 page_size = 2 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. A token identifying a page of results the server should return. + string page_token = 3 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. Filtering results + string filter = 4 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. Hint for how to order the results + string order_by = 5 [(google.api.field_behavior) = OPTIONAL]; +} + +// Message for response to listing Users +message ListUsersResponse { + // The list of User + repeated User users = 1; + + // A token identifying a page of results the server should return. + string next_page_token = 2; + + // Locations that could not be reached. + repeated string unreachable = 3; +} + +// Message for getting a User +message GetUserRequest { + // Required. The name of the resource. For the required format, see the + // comment on the User.name field. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { type: "alloydb.googleapis.com/User" } + ]; +} + +// Message for creating a User +message CreateUserRequest { + // Required. Value for parent. + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + child_type: "alloydb.googleapis.com/User" + } + ]; + + // Required. ID of the requesting object. + string user_id = 2 [(google.api.field_behavior) = REQUIRED]; + + // Required. The resource being created + User user = 3 [(google.api.field_behavior) = REQUIRED]; + + // Optional. An optional request ID to identify requests. Specify a unique + // request ID so that if you must retry your request, the server will know to + // ignore the request if it has already been completed. The server will + // guarantee that for at least 60 minutes since the first request. + // + // For example, consider a situation where you make an initial request and + // the request times out. If you make the request again with the same request + // ID, the server can check if original operation with the same request ID + // was received, and if so, will ignore the second request. This prevents + // clients from accidentally creating duplicate commitments. + // + // The request ID must be a valid UUID with the exception that zero UUID is + // not supported (00000000-0000-0000-0000-000000000000). + string request_id = 4 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. If set, the backend validates the request, but doesn't actually + // execute it. + bool validate_only = 5 [(google.api.field_behavior) = OPTIONAL]; +} + +// Message for updating a User +message UpdateUserRequest { + // Optional. Field mask is used to specify the fields to be overwritten in the + // User resource by the update. + // The fields specified in the update_mask are relative to the resource, not + // the full request. A field will be overwritten if it is in the mask. If the + // user does not provide a mask then all fields will be overwritten. + google.protobuf.FieldMask update_mask = 1 + [(google.api.field_behavior) = OPTIONAL]; + + // Required. The resource being updated + User user = 2 [(google.api.field_behavior) = REQUIRED]; + + // Optional. An optional request ID to identify requests. Specify a unique + // request ID so that if you must retry your request, the server will know to + // ignore the request if it has already been completed. The server will + // guarantee that for at least 60 minutes since the first request. + // + // For example, consider a situation where you make an initial request and + // the request times out. If you make the request again with the same request + // ID, the server can check if original operation with the same request ID + // was received, and if so, will ignore the second request. This prevents + // clients from accidentally creating duplicate commitments. + // + // The request ID must be a valid UUID with the exception that zero UUID is + // not supported (00000000-0000-0000-0000-000000000000). + string request_id = 3 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. If set, the backend validates the request, but doesn't actually + // execute it. + bool validate_only = 4 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. Allow missing fields in the update mask. + bool allow_missing = 5 [(google.api.field_behavior) = OPTIONAL]; +} + +// Message for deleting a User +message DeleteUserRequest { + // Required. The name of the resource. For the required format, see the + // comment on the User.name field. + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { type: "alloydb.googleapis.com/User" } + ]; + + // Optional. An optional request ID to identify requests. Specify a unique + // request ID so that if you must retry your request, the server will know to + // ignore the request if it has already been completed. The server will + // guarantee that for at least 60 minutes after the first request. + // + // For example, consider a situation where you make an initial request and + // the request times out. If you make the request again with the same request + // ID, the server can check if original operation with the same request ID + // was received, and if so, will ignore the second request. This prevents + // clients from accidentally creating duplicate commitments. + // + // The request ID must be a valid UUID with the exception that zero UUID is + // not supported (00000000-0000-0000-0000-000000000000). + string request_id = 2 [(google.api.field_behavior) = OPTIONAL]; + + // Optional. If set, the backend validates the request, but doesn't actually + // execute it. + bool validate_only = 3 [(google.api.field_behavior) = OPTIONAL]; +}